SEH Overwrites Simplified - This paper goes through the SEH Overwrites on two different Windows platforms using the aid of diagrams on the stack.
259742399feaa2ed5b566534d05af122bfb8d309854c6b4f760126bcc7a3262e
PolDoc CMS version 0.96 suffers from a remote file disclosure vulnerability in download_file.php.
20cadee4f4f4d726287051852cf13b2ebc3b826f429f358f6f417d72f49c2b93
PHP-Nuke suffers from a remote file inclusion vulnerability in autohtml.php.
e24737c2848f8fa9d60ead1e1718041f9373ad9f5823a90e7c48b7d2710234ef
DOOM CMS for ISPs version 1.2 suffers from a remote file inclusion vulnerability.
571f133eea7f944f053fd36b060fea976271549a0cefa63d5c4d6acc6bc1d5ea
ChiCoMaS CMS version 2.0.4 suffers from a cross site scripting vulnerability.
c957f56440eee828c1b7162836c19182fadfd1ef33ff367e7cc4ab81346b8e4a
Debian Security Advisory 1426-1 - Several local/remote vulnerabilities have been discovered in the Qt GUI Library.
5c082ffb313e5bed2505f52c4b98056b4600ea82437d9d3a9c050d680cc070dd
Debian Security Advisory 1425-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
bc9da4ebc8482992a1764e554998871fa34bace3215be4be99b5e18fd4a570e9
Debian Security Advisory 1424-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.
0b20d0bafd53e150a885eb49067d4cd05ed44445abe390f048728fd918cd9cc3
Ubuntu Security Notice 555-1 - Rafal Wojtczuk discovered multiple integer overflows in e2fsprogs. If a user or automated system were tricked into fscking a malicious ext2/ext3 filesystem, a remote attacker could execute arbitrary code with the user's privileges.
e7a11d56eb3e99043e5335502f1292778fc1e5560a03ee905de6011562eb3507
Media Player Classic version 6.4.9 MP4 stack overflow that spawns a shell on port 49152.
bcc3823a3770e7564eb38025a676366b83ae463556dc38f12c133913270b5847
Windows Media Player version 6.4 MP4 stack overflow exploit that spawns a shell on port 49152.
1075f871b1e0d358fa47f8b51db31bcf752096bf97aa9fa0a20ad30bbbafb927
Nullsoft Winamp MP4 tags stack overflow exploit. Tuned for version 5.32. Spawns a shell on port 49152.
352cce126a1e9bebc34bd197211843b09e0d5c351024ed0d6af37657556b21e3
HTTP File Server versions 2.2a and below and 2.3 beta and below suffer form a directory traversal vulnerability in file uploading.
4b3710f457633595f2cb9577aaa76fb204b3aa442a3917ce56c6b7ba3f6826f2
Firefly media Server (mt-daapd) versions 2.4.1 and below and SVN versions 1699 and below proof of concept exploit that demonstrates multiple vulnerabilities.
06ea0019b5ce59af46c80a88b7028f72b55a6faa4da174cf5eebb51ee8cf5b9f
Firefly media Server (mt-daapd) versions 2.4.1 and below and SVN versions 1699 and below suffer from directory traversal, authentication bypass, and denial of service vulnerabilities.
adc2aa9ee5d0bef2c8025b8d7e63e5e285d75f05c485f76f4463b9283f0a66be
Simple HTTPD versions 1.38 and below suffer from directory traversal and script viewing vulnerabilities. Details for exploitation provided.
220234da94019862c8340f60a0ef109dfe80c76cbe779cadcc4d9038ee5ea2db
Easy File Sharing Web Server versions 4.5 and below upload directory traversal proof of concept exploit.
3305ed60fb5c23544d4225ff3f8b6b5fb5bc3214d18a8b42fbbd71fe8c5bf533
Easy File Sharing Web Server versions 4.5 and below suffer from upload directory traversal, download of database files, and sensitive file reading vulnerabilities.
d7f38c88fe2bcbc9b7f9e1ae18395eea19bde9e9573491d3d6aac82a0474f9e6
Secunia Security Advisory - Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service).
d83a73cb2d0b4c6a2bdeb4ca3f9fba8ce951cbb883bf49e7aa9c2a5fb531e3c6
Secunia Security Advisory - Ubuntu has issued an update for tetex-bin and texlive-bin. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose and manipulate sensitive information and by malicious people to potentially compromise a vulnerable system.
ad3ff32b8d88fd47b4c13a4ee50d07f939ab9f66cfc568c55ae60b573c357018
Secunia Security Advisory - Some vulnerabilities have been reported in IBM HMC, which can be exploited by malicious, local users to gain escalated privileges.
b3e227b8c2e295583a26425ef69f842daff4bde842dca27d63e856487f8cf31a
Debian Security Advisory 1423-1 - Several remote vulnerabilities have been discovered in sitebar, a web based bookmark manager written in PHP.
da194b681f8ebc0cd79e03be585700374cc2675c0f874e7cef7dfb5acdad3595
Debian Security Advisory 1422-1 - Rafal Wojtczuk of McAfee AVERT Research discovered that e2fsprogs, ext2 file system utilities and libraries, contained multiple integer overflows in memory allocations, based on sizes taken directly from filesystem information. These could result in heap-based overflows potentially allowing the execution of arbitrary code.
39ac95b7fdbd4ff9c4b3c21faf0562cfc7d992c5a75ee9b7bd0f228404fec8e0
Kvaliitti WebDoc CMS version 3.0 is susceptible to a remote SQL injection vulnerability.
e7a98d463cada43ab813b1820d6feb09172ce0334554ef1c27bb8efcc4ec5b18
MIT Kerberos 5 suffers from multiple vulnerabilities including an integer overflow and some double-free flaws.
d412d721c9d589618860fd3f0f92f51298792b44d1eb88d7790031200454c494