exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 82 RSS Feed

Files Date: 2010-01-14 to 2010-01-15

Drupal's Node Blocks Cross Site Scripting
Posted Jan 14, 2010
Authored by Martin Barbella

Drupal's Node Blocks contributed module versions 6.x-1.3 and 5.x-1.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f68289c50815198eb6810c53c0b4256c3c719ad48903426b5a1dcdac4b55f1b8
Zenoss 2.3.3 SQL Injection
Posted Jan 14, 2010
Authored by Adam Baldwin

Zenoss version 2.3.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8ae88b4d12441e5901a34796eae64264167b57c8699772ac793843d616c0949e
Adobe Acrobat Script Injection
Posted Jan 14, 2010
Authored by Paul Theriault | Site stratsec.net

A vulnerability exists within the Forms Data Format (FDF) built into Adobe Acrobat Reader which allows an attacker to inject JavaScript into a Portable Document Format (PDF) file from any domain on the internet. Successful exploitation of this issue results in the potential disclosure of sensitive information or other cross-domain attacks including cross-site scripting. Adobe Reader and Acrobat versions 9.2 and 8.1.7 and earlier versions are affected.

tags | exploit, javascript, xss
advisories | CVE-2009-3956
SHA-256 | 11aefc4cc22cb57b7a9c981675a064416678a375d13937f94dd4c761ccfb4031
Secunia Security Advisory 38180
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for aria2. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
SHA-256 | 5e37bfb9f87a4147bf619f338ae3e16ca162149b915c639b35576c8935517743
Secunia Security Advisory 38181
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | df6aac0bc0d6c17ab4f62c1e07c9e5c1d91c421a8b1efced9958d341f5db49e5
Secunia Security Advisory 38182
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for VirtualBox. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, gentoo
SHA-256 | f48c51b0cb5fecabb25b866b0812caefa41dbdc316a246d7d85c3ebf725ff506
Secunia Security Advisory 38206
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in TYPO3, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | d59390f052ae8bbb29ecae0c73f809a536d1aa0e356994e963249ea9209f2dcf
Secunia Security Advisory 38171
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WebSphere DataPower, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 3b77f92e41f01b20deeb875ae1a7d10782270eba788926eda35a13f2bbd47c34
Secunia Security Advisory 38062
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in E-membres, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 51eabb377626aef75797e215f2ea991d506b0cee4f3dd28fffa5d99b64c7e280
Secunia Security Advisory 38040
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ProArcadeScript, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 47dcc9a5a80b4f4d67b7d21a7fe5d23cca78ebdb468c722eda5855c8b9a1a13b
Secunia Security Advisory 37933
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in Cherokee, which can be exploited by malicious people to manipulate certain data.

tags | advisory
SHA-256 | 235703afd3223a9b15d1f48a68bf902fad9c1a11218e9979e45635f74bc401d8
Secunia Security Advisory 38051
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in D-Link DKVM-IP8, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 7348f5e95136336a312021bc145ef65266d18f09615da5fe16c51c9413952b83
Secunia Security Advisory 38060
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Todoo Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 4466c8adc46c5ddf8cbd9fa9fac8e1cc35386b2b2be2f3b6b28c1594b0c7b514
Secunia Security Advisory 37999
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in multiple Panda products, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | affac120794de8bde72cc5062675f17656aeee67d94d77b1e133cc337f5f465b
Secunia Security Advisory 38146
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Glitter Central Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | aff5a22e0c08b76639003d27bfad511ee16a09761548d6097d8497506b438938
Secunia Security Advisory 38161
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has discovered a vulnerability in the JVClouds3D module for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 3a7b1825a161b6caf9a005469446bf3d9f489f447730b1375120675a917d3e26
Secunia Security Advisory 38144
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in Active Calendar, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 82629c11c983c7ac5f2189c7de8e09145a529b26fc10455a4405d2045e87e819
Secunia Security Advisory 38080
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Kerberos KDC, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | bb6fffa33c093364daf963e58bc3fc6132e535e6873dc8d77b9680f1b51efa6b
Secunia Security Advisory 38142
Posted Jan 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for java-1_5_0-ibm. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.

tags | advisory, java, denial of service, vulnerability
systems | linux, suse
SHA-256 | 2a50e511023e0de5da36ce71efc484a6f927c3c709680605dd7153edef8513f8
Winamp .ini Local Stack Buffer Overflow
Posted Jan 14, 2010
Authored by fl0 fl0w

Winamp versions 5.05 through 5.13 .ini local stack buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | e5862cc513ec580a652b913188b7b7c0f4287a97d191bfbe1ada137d8251baf2
Mandriva Linux Security Advisory 2010-006
Posted Jan 14, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-006 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, arbitrary, cryptography
systems | linux, mandriva
advisories | CVE-2009-4212
SHA-256 | 9f70ce78c2c0b634beeb98136eb345b2a70b61ec35ea940051ea6afab678304c
Ubuntu Security Notice 884-1
Posted Jan 14, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 884-1 - It was discovered that OpenSSL did not correctly free unused memory in certain situations. A remote attacker could trigger this flaw in services that used SSL, causing the service to use all available system memory, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2009-4355
SHA-256 | a9b05590692d100e7556af1f54431d49557330812290560f6ac4bab969ab8c9b
CiviCRM 3.1 Cross Site Scripting
Posted Jan 14, 2010
Authored by h00die, Ch3nz

CiviCRM version 3.1 Beta 1 suffers from a cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 9c385dd7f21fa4b7ac3daee61f0efffca14768b60a3f579137854a0c44a87584
HP Security Bulletin HPSBPI02500 SSRT090263
Posted Jan 14, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP Web Jetadmin. The vulnerabilities could be exploited remotely to gain unauthorized access to data or to create a Denial of Service (DoS).

tags | advisory, web, denial of service, vulnerability
advisories | CVE-2009-4182
SHA-256 | 9405aa684a4b478c71642f39a90402728a865d1a300563c907567659daf8576b
Core Security Technologies Advisory 2009.1209
Posted Jan 14, 2010
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - Google SketchUp is a 3D modeling program designed for architects, civil engineers, filmmakers, game developers, and related professions. Google SketchUp bundles an old version of 'lib3ds', a library used to process 3DS files. This library is being compiled in a way that leads to improper validation of data when importing 3DS files; this condition can be exploited by remote attackers to trigger a memory corruption vulnerability by enticing an unsuspecting user to open a specially crafted 3DS file, possibly leading to arbitrary code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-0280
SHA-256 | 2f4f0b2f8e854921c30156980745b90a334a85148a9703a687f78ac65ba78572
Page 2 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close