Month of Apple Bugs - Transmit does not allocate enough space when dealing with the string passed on via the ftps:// URL handler, leading to an exploitable heap-based buffer overflow condition. This is the proof of concept exploit.
9080e0d951067307f9ad1fe2f1c855dcceaac4dd146e38b6c610d666ed9c242fOracle 10g SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL SQL injection exploit.
ff6fb0134cfc47331035b5f15c58c56826677223f77908b27cd35cbb99a246e5Oracle 10g SYS.KUPW$WORKER.MAIN PL SQL injection exploit.
8beaa06d01b567da971ba185e7339af52a5064fb0a7948237f40db6c321bfd9aOracle 10g SYS.KUPV$FT.ATTACH_JOB PL SQL injection exploit.
ed9f5b91026cb15dc943ab62c9204654d1437846a3973ebd51b5c69cb614ffdeVote-Pro version 4.0 remote code execution exploit that makes use of poll_frame.php.
00009b7e4146bd3200b4090538fa6e83c6a88916b5ac2a8a616d4ecc63a8ee0cBBClone version 0.31 suffers from a remote file inclusion vulnerability in selectlang.php.
e7adc8dfccb70309e1f6bfc9f2a2afead0b714d3314269447ae6dba45d0442b6phpXD versions 0.3 and below remote file inclusion exploit.
a458745ac671c26d9c651cb1bd37fcbf6d430224b0bdad3671c24d4cac1d8cffSami HTTP Server version 2.0.1 remote denial of service exploit.
2326d69f70737e6f9c98f0454fa72eeb1651ffc0778b1363535a83c316ced6b0Sun Microsystems Java GIF file parsing memory corruption vulnerability proof of concept exploit.
bef001eada19b002d8d220d83f479254605f9fc79694a55346531c4c2aa13a42FreeForum version 0.9.0 suffers from a remote file inclusion vulnerability in index.php.
e4902e71f33f297d1b5dc3c869fcc1b26c9122c8001e6591f0ddbbbbd713ee7cPHP Link versions 3.0.6 and below are susceptible to a cross site scripting vulnerability.
6b2b52bda7ceaee66733cc1672e10cb2052f52629a8dfb1a363b5cd9d1d31a59RubyGems is susceptible to exploitation due to a lack of sanity checking on installation paths. Patches included.
55ef302c7e916570b7ccfa3bfc866b9952356d81a9778d8d8b650880ceeaaa13RapidKill remote command execution exploit.
2f65755748ba7a1f43fc4ae164b313e9bb15db50d8fcc96bf7a989658988d7fcGentoo Linux Security Advisory GLSA 200701-13 - Neil Hoggarth has discovered that when delivering messages to a message delivery agent by means of the mda option, Fetchmail passes a NULL pointer to the ferror() and fflush() functions when refusing a message. Isaac Wilcox has discovered numerous means of plain-text password disclosure due to errors in secure connection establishment. Versions less than 6.3.6 are affected.
d6e962e0dea07d53346c38429d26622c771bcf8519ecc9eb7546cb5c5b1a0c7bDebian Security Advisory 1251-1 - It has been discovered that netrik, a text mode WWW browser with vi like keybindings, doesn't properly sanitize temporary filenames when editing textareas which could allow attackers to execute arbitrary commands via shell metacharacters.
b1a35ff7b5a13c4460f8c080ce5fa76d08cdbc08e8ba30ec7d6b595aba91c454Unique Ads aka UDS version 1.x suffers from SQL injection flaws.
896887833917209a15dd076d75d1463fc959a3edb3d8fb5c9a3b0d8b1a7232b0Guestbook version 4.00 beta by 212cafe.com is susceptible to cross site scripting attacks.
1bf111a20445339a4d2b6a7c240269b8de7e0c62fad2a52e5ac075347a218f83212cafeBoard version 0.08 Beta and 6.30 Beta are susceptible to cross site scripting attacks.
8eed1078bbae2a1359eede340597aea5fbf7d754130a8465456302bad8748345cmsimple version 2.7 suffers from multiple remote file inclusion vulnerabilities.
6c76c022aeeb704ce22b01b59c84b7acac531a4c0dfd4751f4915bbed5135c02Digital Armaments Advisory - A vulnerability exists in expand_stack() of the grsecurity patch. This vulnerability is only locally exploitable. Proof of concept exploitation code included.
675710176a2499f8fe8b6258627ebc20860e8e03147a39b2eafe046dd1e1d363The PayPal Subscription Manager suffers from cross site scripting and SQL injection flaws.
ee1cc330102039d877adf181135d8cdd791b58b5a2b6a2655a6b3ed8aecbe345Login Manager version 3.0 suffers from cross site scripting and SQL injection flaws.
296dac2af25d4b92d58cfeeb051c7413e83a87643b7b4e682ef5643ee0457055Secunia Security Advisory - Kacper has reported a vulnerability in KGB, which can be exploited by malicious people to compromise a vulnerable system.
745d5b9c7cfdd6f6801238341a06da8d4c14a932c1517d7855fb6f5b54ac9d5bSecunia Security Advisory - KF has reported a weakness in Apple Mac OS X, which can be exploited by malicious, local users to gain escalated privileges.
ab6745008e8a1641dfc097d418f9d2f42098e912f357259207eb858101319c9fSecunia Security Advisory - SUSE has issued an update for squid. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
9d0517e5a6edf5acbad04a1dab759930d1e94a406a8cd339018f9ff81899ac13
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed