what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 71 RSS Feed

Files Date: 2010-02-12 to 2010-02-13

Secunia Security Advisory 38551
Posted Feb 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 5e58669f66340f63c18044c1f25cccbe9fe0d8205a0f9c0e221dcbcaaf6f4b03
Secunia Security Advisory 38547
Posted Feb 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 25ce44530aba234c3fd4d58453369863ede2ef6f5f569a681c01f8dbc2a2fc73
Secunia Security Advisory 38536
Posted Feb 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP DreamScreen, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 1f735d7963a070eedf34bfca2ff1fbcd33dc26677833269e57789c7c93343c34
Secunia Security Advisory 38538
Posted Feb 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Accellion File Transfer Appliance, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 749a40fdfd338995be33c648e94bdc538d325114a9a8a480b5dad065280d8a5d
Secunia Security Advisory 38559
Posted Feb 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, redhat
SHA-256 | 227757af38e1a98a1ff17d2767f0b5ab1aa80b026b5b70dc4dbbd9a87a9bc33c
Secunia Security Advisory 38567
Posted Feb 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in OpenOffice.org, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, or compromise a user's system.

tags | advisory, spoof, vulnerability
SHA-256 | 8a199e34bddb253ef1ede76f32fe0a8e1a2642fe5651dc842871cd7412493934
Secunia Security Advisory 38561
Posted Feb 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e4a0b971747b2d2c986b608cef792f64911daf861b06972b9287f1f433fb85ee
Secunia Security Advisory 38570
Posted Feb 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 8bec50ebd3685d78985c9918c0917b06b336607843da281634ba8cff3b0aaa39
iDEFENSE Security Advisory 2010-02-09.3
Posted Feb 12, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 02.09.10 - Remote exploitation of an invalid array indexing vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an "OEPlaceholderAtom" record. This record type is used to create a placeholder for an object (picture, text, etc.) on a slide. By providing a value greater than the size of an array, it is possible to corrupt stack memory beyond the bounds of the array with a fixed value. By overwriting critical structures like the saved return address, it is possible to execute arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2010-0031
SHA-256 | d24ab20b5c6803e83455df245fd1d72cec4062ce382bd5942e5050ec5a1b7c50
iDEFENSE Security Advisory 2010-02-09.2
Posted Feb 12, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 02.09.10 - Remote exploitation of a use-after-free vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing multiple "OEPlaceholderAtom" records present in a "msofbtClientData" container. This record type is used to create a placeholder for an object #picture, text, etc.# on a slide. When a certain series of these records are present, it is possible to trigger a use-after-free vulnerability, which can lead to the execution of arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2010-0032
SHA-256 | dbd9b1e1b4fe84087828c9ac7476d63ad752095f77c348da83b6f055470ebb87
iDEFENSE Security Advisory 2010-02-09.1
Posted Feb 12, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 02.09.10 - Remote exploitation of a heap-based buffer overflow vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs during the parsing of two related PowerPoint record types. The first record type, the "LinkedSlideAtom" record, is used to specify collaboration information for different slides. One of the fields in this record is used to specify the number of certain records that are present in the file. The code responsible for filling the array used to store the records does not perform any bounds checking when storing elements into the array. This results in a heap-based buffer overflow vulnerability.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-0030
SHA-256 | 0b18b14e0c9795855204e86c10b7b6ae28c39e0d8eb4143c1a19f92d340ad60c
Trade Manager Script SQL Injection
Posted Feb 12, 2010
Authored by JaMbA

Trade Manager Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 419d6f92e6cf69d48339e371a3c7bd31eb4b739d21e915e53391a506d7435693
Ubuntu Security Notice 899-1
Posted Feb 12, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 899-1 - It was discovered that Tomcat did not correctly validate WAR filenames or paths when deploying. A remote attacker could send a specially crafted WAR file to be deployed and cause arbitrary files and directories to be created, overwritten, or deleted.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-2693, CVE-2009-2901, CVE-2009-2902
SHA-256 | 79dea4703a1e1264a83cf53d734c37ff6cadc030eca4eb1ca5afe6bd0dc7303e
Video Games Rentals Script SQL Injection
Posted Feb 12, 2010
Authored by JaMbA

Video Games Rentals Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1c72b8a6ccfd4b4f32b9fed0ab0a9294af148a1b06f7f0c56f45e78224912e18
HP Security Bulletin HPSBMA02488 SSRT100013
Posted Feb 12, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP ProLiant Support Pack 8.30 for Windows. The vulnerabilities could be exploited remotely to execute code and to gain unauthorized access to information.

tags | advisory, vulnerability
systems | windows
advisories | CVE-2009-0901, CVE-2009-2493, CVE-2009-2495
SHA-256 | 10900692b92a1dc7551b9258e1f7ab8b20ab635c81dd03190ad5a5bd88a3bc3c
RSA SecurID Cross Site Scripting
Posted Feb 12, 2010
Authored by sasquatch | Site securestate.com

RSA SecurID suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fdf3ec7c27e8f90d59244fdbd73743a4bae6f125118eeecb3bf91ae9a739fdda
apemCMS SQL Injection
Posted Feb 12, 2010
Authored by Ariko-Security

apemCMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e6772a891fa33d6b1eafd2e06a54b44876c11b1d2ab6c524f93761fefaf75720
myPHP Guestbook Database Disclosure
Posted Feb 12, 2010
Authored by ViRuSMaN

myPHP Guestbook suffers from a database backup disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 5b3133e1ca5c4db149ef4df5a39730443c1be455c8a965fc68391e515fd374ac
Debian Linux Security Advisory 1994-1
Posted Feb 12, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1994-1 - It was discovered that ajaxterm, a web-based terminal, generates weak and predictable session IDs, which might be used to hijack a session or cause a denial of service attack on a system that uses ajaxterm.

tags | advisory, web, denial of service
systems | linux, debian
advisories | CVE-2009-1629
SHA-256 | 01f42fb15d52253fce43542edbfa8cbe981715dacca0392a6536379ca8948e33
Hyleos ChemView 1.9.5.1 Heap Spray Exploit
Posted Feb 12, 2010
Authored by Dz_attacker | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow within HyleosChemView.ocx of Hyleos ChemView 1.9.5.1. By setting an overly long value to 'SaveAsMolFile()', an attacker can overrun a buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
SHA-256 | 2111452c07f6f459fec0e621e32b38716a36704b4edb3b7e1ad40e65a3148000
Wireshark LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)
Posted Feb 12, 2010
Authored by jduck, babi | Site metasploit.com

The LWRES dissector in Wireshark version 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allows remote attackers to execute arbitrary code due to a stack-based buffer overflow. This bug found and reported by babi. This particular exploit targets the dissect_getaddrsbyname_request function. Several other functions also contain potentially exploitable stack-based buffer overflows. The Windows version (of 1.2.5 at least) is compiled with /GS, which prevents exploitation via the return address on the stack. Sending a larger string allows exploitation using the SEH bypass method. However, this packet will usually get fragmented, which may cause additional complications. NOTE: The vulnerable code is reached only when the packet dissection is rendered. If the packet is fragmented, all fragments must be captured and reassembled to exploit this issue. This version loops, sending the packet every X seconds until the job is killed.

tags | exploit, remote, overflow, arbitrary
systems | windows
advisories | CVE-2010-0304
SHA-256 | d28668098a27e6e86e0f65642a8b1c8bf5e3de86d7aa8ab2556e021ec839c378
AlstraSoft Video Share Enterprise SQL Injection
Posted Feb 12, 2010
Authored by M3NW5

AlstraSoft Video Share Enterprise suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6e8f9f98006d082edb7a449ffef3b90b71585a75d150e6ccd21cfdb75e1d4938
Just Another Guestbook 1.14 Database Disclosure
Posted Feb 12, 2010
Authored by Phenom

J.A.G. aka Just Another Guestbook suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 7160952509441954e71aeddc49db1ff8cb76f512249ba558a3df5fefff144b48
CD Rentals SQL Injection
Posted Feb 12, 2010
Authored by Don Tukulesto | Site indonesiancoder.com

CD Rentals Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1c150f39da53833f62886db3166a0ded1ae2258c72349491d04504ff96d88e3f
E-Books Rental Software SQL Injection
Posted Feb 12, 2010
Authored by Don Tukulesto | Site indonesiancoder.com

E-Books Rental Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6faa08e4dd900198c365fcb97725405e3b8b02ee60c796304a1e1258406862a8
Page 2 of 3
Back123Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close