The .NET framework suffers from multiple null byte injection vulnerabilities.
During security analysis of the TippingPoint IPS product, a signature evasion vulnerability was discovered. The use of specific Unicode characters on particular web servers allows a remote user to bypass IPS detection. TippingPoint IPS devices running TOS versions 2.1 and 2.2.0 through 2.2.4 are affected.
Technical Cyber Security Alert TA07-191A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Excel, Publisher, .NET Framework, Internet Information Services, and Windows Vista Firewall. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Program Checker sasatl.dll version 1.5.0.531 JavaScript heap spraying exploit.
Mandriva Linux Security Advisory - A heap overflow flaw was found in the RTF import filter of OpenOffice.org. If a victim were to open a specially-crafted RTF file, OpenOffice.org could crash or possibly execute arbitrary code.
iDefense Security Advisory 07.09.07 - Local exploitation of a buffer overflow vulnerability in IBM Corp.'s AIX libodm library could allow an attacker to execute arbitrary code on a targeted host. iDefense has confirmed the existence of this vulnerability in AIX version 5.3 SP 4. Previous versions may be vulnerable.
The Belkin Router G Plus web administrative interface suffers from a cross site scripting vulnerability.
Centericq version 4.21 on FreeBSD as well as the official sources have been found vulnerable to multiple buffer overflows.
SurgeFTP version 2.3a1 Linux suffers from a cross site scripting vulnerability.
SurgeFTP version 2.3a1 Linux suffers from a denial of service condition in its mirror mechanism.
SurgeMail version 3.7b8 Linux suffers from a format string vulnerability.
ImgSvr suffers from a stack overflow vulnerability.
ImgSvr suffers from a directory traversal vulnerability.
eVisit Analyst is susceptible to SQL injection vulnerabilities.
The style parameter of the P-Synch Windows domain password reset web application allows JavaScript injection.
The Visionsoft Audit VSAOD server allows unauthenticated remote uninstalls.
The Visionsoft Audit VSAOD server allows remote execution via replay attacks.
The Visionsoft Audit VSAOD server uses a weak algorithm to obscure passwords on the wire and within configuration files.
The Visionsoft Audit VSAOD server allows unauthenticated ini file overwrites.
The Visionsoft Audit VSAOD server has input validation flaws which can result in an unauthenticated heap overflow.
The Visionsoft Audit VSAOD server allows unauthenticated arbitrary file overwrites.
DNS Pinning and Web Proxies - A white paper that describes DNS based attacks against web proxies.
Entertainment CMS suffers from an administrative bypass vulnerability via cookie manipulation.
FlashBB versions 1.1.7 and below remote file inclusion exploit.
zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easy to reproduce bugs.