PHP versions 5.2.11 and 5.3.0 suffer from a symlink() open_basedir bypass vulnerability.
f8af26e6ee5914fd87ea6711ebc4f3b21a8d49616078c8c12af0172c01be0e3cISC DHCP dhclient scripts_write_params() stack buffer overflow exploit.
2014e6abc56455168433974101c55c09624023f1879081dc6ce5c0c8823eb70eMozilla NSS NULL character CA SSL certificate validation security bypass vulnerability.
92116a1f698ebd192000a6a214b3792bd3a3666828967d60da976747919e9260Ubuntu Security Notice 853-2 - USN-853-1 fixed vulnerabilities in Firefox and Xulrunner. The upstream changes introduced regressions that could lead to crashes when processing certain malformed GIF images, fonts and web pages. This update fixes the problem.
ae7e613a82982701cb0b5e50d5bda7c9a8e2baeb5e561af8226ffa3c8634ddb2Whitepaper called Using XSS to Bypass XSRF Protection.
5035f8be6334058e104ea433327f5b3e06c3056e60fecf4e10d50092b351f754WordPress versions 2.8.5 and below suffer from an unrestricted file upload vulnerability that allows for PHP code execution.
8a9c0fdb59cc38abd6330f5a1a1a3775ef99f1828bf48d154ae593fee3004135Panda Security Software suffers from a local privilege escalation vulnerability.
0db1401fc7a166e2a2fc024722964904cbeba0bf6dcd6e4e2b7e640bcaa2de47Proof of concept exploit that demonstrates a remote kernel crash vulnerability in Windows 7.
0c550ae47995e2697019b90be957f6aecb34773bd99b762df6389336df4d7c85AIMP2 versions 2.51 build 330 and below audio converter playlist buffer overflow exploit.
c6e39bb3fcec1877067eb985ee4f07a6fd968d11e76815fc2c325d912e99073bTechnical Cyber Security Alert 2009-314A - Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server and Office Word and Excel.
f4a61c8485cfee670a227cc6dc6ce75b187c3ef15698f355f31d57b7297b8ae3iDefense Security Advisory 11.10.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a FEATHEADER record within an Excel file. This record is used to store information common to multiple other records, and was introduced with Excel 2002 (XP). When certain fields of this record are set to a trigger value, it is possible to corrupt memory in such a way that the next 4 bytes in the record are treated as an object pointer. This pointer is then used to make a virtual function call, which results in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Excel versions 2007, 2003, and XP. The record that causes the vulnerability is not supported by Excel 2000, so it is not affected by this vulnerability.
5f80963ddf2ce93ca1f29af19a4ef71104925c85a3890129ab19e9b97edbffb6iDefense Security Advisory 11.10.09 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code with the privileges of the targeted user. This vulnerability occurs when Word parses the File Information Block (FIB) structure inside a Word document. When a malformed FIB structure is processed, a stack buffer overflow will occur which can lead to an exploitable condition. iDefense has confirmed fully patched Microsoft Word 2003 SP3, Microsoft Word XP SP3, Microsoft Word 2000 SP3 are vulnerable. Microsoft Word 2007 SP1 is not affected.
fb02e8e8e484eae0536df20cc974d2730b906f2d936448bc99c5357711be4695Zero Day Initiative Advisory 09-083 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious spreadsheet. The specific flaw exists in the handling of Shared Feature Header (0x867) tags in an Excel BIFF file format. When processing the cbHdrData size element of the FEATHEADER it is possible to directly control the distance of a calculated pointer. This condition can be leveraged successfully to execute arbitrary code under the context of the currently logged in user.
d548095b72374db0546e590ef01b4c3b681d0d5725433ed78d66dbb44ae398abZero Day Initiative Advisory 09-082 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists when parsing a document containing a malformed PivotCache Stream. The application will utilize the iCache value of an SXVI record to seek into a list of objects. While setting an attribute of that particular object, the application will corrupt memory which can lead to code execution under the context of the currently logged in user.
d7c02af1af262734ec1d52b22391c85538bf9a03faddc3490b3a8b2eecc6d097A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required on certain configurations to exploit this vulnerability. The specific flaw exists in the handling of RPC calls to the License Logging Service (llssrv.exe). When processing arguments to the LlsrLicenseRequestW method a character array is expected to contain a terminating null byte. By supplying data that does not end in a null it is possible to overlap a call to lstrcatW, resulting in a heap overflow. Successful exploitation of this vulnerability can lead to remote system compromise under the credentials of the SYSTEM account.
f21d1604d8e1e8c3be6574e22ae7b94c1af0646e4e4c46095c1aa5ccefb5b163The wireless drivers in some Wi-Fi access points (such as the ATHEROS-based Netgear WNDAP330) do not correctly parse malformed reserved management frames.
f6fc1bda3a0c5dffe082b5ca1d4a671c6e65ff573fec7141a069a46e37ab49daThe wireless drivers in some Wi-Fi access points (such as the MARVELL-based Linksys WAP4400N) do not correctly parse information elements included in association requests.
f726b07e5df156d18db6d87b24879cea10a4c642f89c60083faaa78b0fa2ed0fCute News version 1.4.6 and UTF-8 Cute News suffer from cross site request forgery, cross site scripting, file path disclosure, local file inclusion, authentication bypass, and php command injection vulnerabilities.
cc0fab30e32bdf7cfa84bd8a3a839c9f6541191bedd2b0e2430e4f040589df96Ubuntu Security Notice 857-1 - It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the QtWebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that QtWebKit did not properly handle certain XSL stylesheets. If a user were tricked into viewing a malicious website, an attacker could exploit this to read arbitrary local files, and possibly files from different security zones. It was discovered that QtWebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.
5a324ea48b5787026fc49a852ae6d25efa2d3fb3bd8b0cdfcf21959e24c7da1eUbuntu Security Notice 856-1 - Aaron Sigel discovered that the CUPS web interface incorrectly protected against cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS configuration and possibly steal confidential data.
44ccda0c873bd7da23e414ac67e8b1cf3640c62a81554a287b915fe11ac3e227XM Easy Personal FTP Server version 5.8.0 remote denial of service exploit.
4333012c55f9fc3b55690c74d944a57934c5f46de6d6e2edf1d5267c2f00d29bHP Security Bulletin - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, privilege escalation, and Denial of Service (DoS).
4e557744aecf9dd9f0d0fa1806010807ec9f5b0715c0bca405e0d75be361b35cSafari version 4.0.3 (Win32) XSS remote denial of service exploit.
a7d9ba59f478e5a36cfe543be10d0937974a736f8df9367cba150bfafe28c98dCisco Security Advisory - An industry-wide vulnerability exists in the Transport Layer Security (TLS) protocol that could impact any Cisco product that uses any version of TLS and SSL. The vulnerability exists in how the protocol handles session renegotiation and exposes users to a potential man-in-the-middle attack.
834e38821f573aad3c161fc1bbd3197b23d825981e7612301a401b08b5f77563When a U3D CLODProgressiveMeshContinuation (blocktype: 0xFFFFFF3C) is parsed by Adobe Acrobat Reader U3D plugin the split position index is read from the input without any validation. That index is then used for getting an object out of the limits of the array, object from which a function pointer is dereferenced and called. Adobe Acrobat Reader version 8.1.6 and below and 9.1.3 and below are affected.
f13045466b5a75506fbe65fd83ad85cca5999df4143ceaf0a1f3d413d2624905
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed