The PHP-Fusion Calendar_Panel module suffers from a remote SQL injection vulnerability in show_event.php.
79ea46463221b9e0d1c36d3f074964b87a0d4475a456140e1265183688fb9a26Microsoft Windows Animated Cursor (.ANI) local buffer overflow exploit.
c64e34f4f1bfa0a176561e8d96efc13a1f65252b8b3bec41903a133eab142fc4Exploit for the Microsoft Windows .ANI LoadAniIcon stack overflow vulnerability.
9bbb7c1c2b71a6a3b99aa65609485e47c1dfaa3714e3947845ac1906488602f1PHP-Fusion module Arcade version 1.0 suffers from a remote SQL injection vulnerability.
09c2a92d7326bbade70922ec3e5ad35f2f0e4c1fa770836afb0dadfce655546fraw-socket ICMP/checksum shell shellcode that is 235 bytes in size.
8f0bcd2b244d7627399086ddb072b42bb32cc90ecf2fa10c877287dcbea6e040Remote exploit for dproxy versions 0.5 and below. Binds a shell to TCP port 4444.
71d56c60f1e232a94229b71556636b01433745ed2ae92d6b6761ae4dc0da6e6eA vulnerability allows attackers to execute arbitrary code on vulnerable installations of America Online with Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Affected software is America Online 9.0 Security Edition.
6a16c6b2fa6bd6a2e4364fc3b2faf209928ece3e1f3ddb864eb76607692a74f8Gentoo Linux Security Advisory GLSA 200703-26 - Jean-S
ce1c65bc507a25ed70388b1698af784c5d3905013a8714609d2cead5303469fdBrief whitepaper discussing research performed analyzing whether or not a 30 dollar Bluetooth dongle could be transformed into a full blown Bluetooth sniffer.
f3a4af82e005cae51da0d0956e317435cb453b6bea93a309c7b3d0a113cfc977Technical Cyber Security Alert TA07-089A - A stack buffer overflow exists in the code that Microsoft Windows uses to processes animated cursor files. Specifically, Microsoft Windows fails to properly validate the size of an animated cursor file header supplied in animated cursor files. Animated cursor files can be included with HTML files. For instance, a web site can use an animated cursor file to specify the icon that the mouse pointer should use when hovering over a hyperlink. Because of this, malicious web pages and HTML email messages can be used to exploit this vulnerability. In addition, animated cursor files are automatically parsed by Windows Explorer when the containing folder is opened or the file is used as a cursor. Because of this, opening a folder that contains a specially crafted animated cursor file will also trigger this vulnerability. Note that Windows Explorer will process animated cursor files with several different file extensions, such as .ani, .cur, or .ico. Furthermore, Windows will automatically render animated cursor files referenced by HTML documents regardless of the animated cursor file extension. This vulnerability is actively being exploited.
88ff5cb0b2c86b944410bb7da551094c03637adf8b99db901e3d6783b9610e10Blog-Entry suffers from multiple cross site scripting vulnerabilities.
c067dbd712c87c9b9338f90a9d53ca2cdde330f9eb8a75de9b75684b912f4e8aTime-Assistant versions 6.2 and below suffer from a remote file inclusion vulnerability.
3cfbf1daaae2f4113e3b127c6b2be84a5edccc5428527d1ffad449b787b71c38Quick and dirty blanket fix for the Microsoft Windows ANI zero-day vulnerabilities. Prevents loading cursors from outside the Windows directory.
3b81a136644b11b0a7ff108dd16f0475eb209f61cc7f58f1aa3a32ab34040fd2VMware Security Advisory - The VMware ESX server has new patches released that address a slew of security issues.
cf9fc52da2246cff687a3a74cf8cee473029ab538b685bc029a694207623808fDrakeCMS suffers from a cross site scripting vulnerability in ui.dta.php.
122036eb45d75c8107306fe5fe89eb26102349a8f2efd82e1a973d223646722eComputer Associates (CA) Brightstor Backup suffers from a remote code execution vulnerability in Mediasvr.exe.
3f5b72ba1d741c2f1af11dd43b6615839776262ab1ae08113f6424e968ce231fMyBB suffers from a change password vulnerability.
ca762ba619df945efb65ce710198bae5e60b959ca1228eea5a18b1e86502565eMandriva Linux Security Advisory - Stack-based buffer overflow in the StarCalc parser in OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document.
56b220c1da1369eb014d4498a0742c9e0d7755b8ceb84a7f162bd4755ef5ab0eGentoo Linux Security Advisory GLSA 200703-25 - Mu Security has discovered that Ekiga fails to implement formatted printing correctly. Versions less than 2.0.7 are affected.
ebfbe3ad37e4cec53357ffaa0a9754510f08a3a4405f3ba9de36ad8d6167c2feMandriva Linux Security Advisory - The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in a FTP PASV command.
ee68a1f822a62c0a2935ff787c003d60672b64d36193c73cfe7b0f3f19b7173eMandriva Linux Security Advisory - Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption. Integer underflow in X MultiMedia System (xmms) 1.2.10 allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which results in a stack- based buffer overflow.
c541a4dab7a9751579835a79eeceba82d89907d1e65aab44ad601badf6be1ee0iDefense Security Advisory 03.29.07 - Remote exploitation of a input validation vulnerability in IBM Corp.'s Lotus Sametime allows attackers to execute arbitrary code in the context of the user viewing a malicious web page. The problem specifically exists in the STJNILoader.ocx component of IBM Corp.'s Lotus Sametime product. This ActiveX control is safe for scripting and exports a LoadLibrary function that does not properly sanitize input. iDefense has confirmed that this vulnerability is present in IBM Corp.'s Lotus Sametime STJNILoader.ocx version 3.1.0.26.
176a7cb1e83f154ccc8af07f4cbe77546f283f0105fddba28d1cfc898267a850AOL has recently been made aware of a denial of service condition that exists in early versions of the AOL 9.0 client software.
886495f614e9e3363d76d06cab2b7dc8556864ff6b1690722ae7362795ff25f2Windows Live Spaces suffers from a cross site scripting vulnerability in NetworkSetup.aspx.
c7f7738ff0ba5abd8262cd330013a6e4f789fdefc29caca78f01030de90bb36fAdvanced Login versions 0.7 and below suffer from a remote file inclusion vulnerability.
90d3724df6e1fc08ea882f0db39affa84f15bfd8cc0d67fb40070a3a55901b76
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed