iDefense Security Advisory 04.27.07 - Remote exploitation of a design error in the "Shared Folders" feature of VMware Inc.'s VMware Workstation could allow an attacker to write arbitrary content from a guest system to arbitrary locations on the host system. The "Shared Folders" feature of VMware Workstation allows folders on the physical "host" system to be shared with virtual "guest" systems. Due to a flaw in the code which validates that the filename is safe, an attacker or malicious code within the guest system can read or write files on the host system in the context of the user running Workstation. iDefense confirmed this vulnerability to exist in VMware Workstation 5.5.3 build 34685 on a Windows XPSP2 host. Other versions may also be affected.
986af36d0e411257079a904b37ea915ac0bfde0376b6767e4ab2099b201704a1GHH version 1.1 suffers from a password disclosure vulnerability.
8edd5f78786a8e36468e3dd6b91fbb7e6c557fa8e483b9737e2bddaece22dfe9Packet Storm new exploits for April, 2007.
030b7e36fd98531f9cad24d1bf0eac0112a71a39579b1aac96fbf848e7095768HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running HP Power Manager Remote Agent (RA). The vulnerability could be exploited by a local authorized user to execute arbitrary code with the privileges of the root user.
767da577e7bf4642e1432bcc4bdfaa24af11fb6c9a0f65f0674c716f54f0baeeDebian Security Advisory 1283-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code.
c54d56268b90168aacfce8d14ed3df2d22e9234134cbe834f81eef7a9f542934Seir Anphin is susceptible to a local file disclosure vulnerability in file.php.
61c534b8d0ab9614b968a3cd571c92ebf1e2ce39d50594e76c0148fe70c70f52JAF CMS version 4.0 suffers from a cross site scripting vulnerability.
bc711f92bd4f5743950a47e03a711bc7f52aca95fb478363810a2cf354c9c6e9Excel Viewer .OCX version 3.1.0.6 multiple methods denial of service exploit.
2588913a9c00c91c36916e498e292b93d5859ad677b7bd1a539673f613184afaPowerPoint Viewer .OCX version 3.1.0.3 ActiveX denial of service exploit.
3b018a681cb9ac10fdd6266509eac9c4359e84c6aa64c91cfe029853e1358a9cRealPlayer 10 remote denial of service exploit that makes use of the .ra file flaw.
b015c7246d0f8bd3218fee4e99022278955d21ba08a1ad2e37b0d2f853274020The PostNuke module v4bJournal suffers from a remote SQL injection vulnerability.
a0ecdd31d3ae0393c44a1d1b3dab0a3dab2e3af46d6cdb8269f2721967ff45bcYaPIG version 0.95b remote code execution exploit.
04c7d22f181dcc905b0733367be6d90281833fa2105a92e7b7e23bef50ff56d0mxBB module MX Faq and Rules versions 2.0.0 and below remote file inclusion exploit.
844ca4e946eb2f20318a75423ec568360de63368b17e2814951496d9a897b46a1024 CMS version 0.7 suffers from a file disclosure vulnerability.
4fdcc86cffcf3de5c5e649b5b827071699deba275d5276c24a3a9d1c4e20937bPStruh-CZ versions 1.3 and 1.5 suffer from a file disclosure vulnerability.
85ce36a769785894cc3dffe4c90945e6e27333d18b9105d89b874b0be1655faf3proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit. Uses the reverse connect-back method.
cb5338af3ab1feac826130b57cdbd6d1550d917686e22c285708f4158c9003f23proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit for win32. Binds a shell to tcp port 7979.
c01927dc7bdc5ec6906d1be1b4604e4dbc614e0b115fb9d2ad8570e7a9c45c3c3proxy version 0.5.3g proxy.c logurl() remote buffer overflow exploit for Linux. Can spawn a bind shell or launch connect-back code.
6c88fda037ba960a678b91b49e36f8dc08ef0d1a5e49878c3b716503bd53e1ffFenice OMS server version 1.10 remote root buffer overflow exploit.
ccb2a8ac8990e9209800f79b19078b6c4c6acc738a98dd5da1d2b538125e0ad6IPIX Image Well ActiveX buffer overflow exploit that executes calc.exe.
614b9564487a5d27fae85a73c7a78cfac6266335efd6e94a45174369c9f7e7f3Internet Explorer NCTAudioFile2.AudioFile ActiveX remote stack overflow exploit.
914fc70b543cb35369e5c7ae913f0280df476b63f568ad21e0a7a26edc8238b1Winamp versions 5.34 and below .MP4 file code execution exploit that spawns calc.exe or binds a shell to tcp port 4444.
5231fc6957b90c9479fe8b2675abd7027a9483ca6a35b26a845bb39958c17d7fPhotoshop CS2/CS3 and Paint Shop Pro version 11.20 .PNG buffer overflow exploit that spawns calc.exe or binds a shell to tcp port 4444.
44dfeaf4cd5e5e9633631a043b2bcbf875c49f7860b82da7d501e1c99f1a7394IrfanView versions 4.00 and below .IFF buffer overflow exploit that spawns calc.exe or binds a shell to tcp port 4444.
6dd650ea32e397aafa576e1e2350950671e7fa1936dbf73cabd78835ee545190Gimp version 2.2.14 buffer overflow exploit that spawns calc.exe or binds a shell to tcp port 4444.
920de2d6270d6f063230cc1042f5b4c5c4afce6664223b66ff088c65444ed826
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed