Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
9f4f888b00af392a0cb4c91631bf5c14467e061cd8cc8392a2df226676b22670Zero Day Initiative Advisory 10-133 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of references to external font resources. A value is used as a 16 bit integer in an array allocation and later as 32 bit when iterating over and then populating these fields. By creating enough references, a remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
f5d8dd7c32a2a623a1ab483ff4c3cbdf23d8f651924b0f2d64ef43b07770a0c8Zero Day Initiative Advisory 10-132 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the browser's method for parsing child elements out of a particular tag. The application will use a 32-bit index to enumerate them, but will store it in a 16-bit signed integer and then use it to allocate space for a cache. When populating the cache a buffer overflow will occur. This can lead to code execution under the context of the application.
2f022db95e09d8dc7b6ebe9ff4057ff19bb3e24cc6ac32fe5ebbdcdd17274899Mayasan Portal version 2.0 suffers from a remote SQL injection vulnerability.
867fa8a1aa0b853d5d2bf51b8bf346b4e0a4ec2001db21d91b777342879cd2b8Whitepaper called Simple Technique for SQL Injection Form Login Bypass. Written in Indonesian.
a0c126771c4a0c2267245b25df94a2fb32bec29ea8a480fdc954aad92f0b5f5alibpng versions 1.4.2 and below denial of service exploit.
931618b16e3c9673a23c5b0e8ddfbea6cba73ec0d2a99d3d42b0cc17cb7cb77bOnapsis Security Advisory - The SAP J2EE Engine contains a Web Services Navigator interface, which enables the interaction with the deployed Web Services in the server. This interface suffers from a Cross-Site Scripting vulnerability, which may enable malicious parties to perform different kind of attacks over SAP users.
8dc2a56391e65f55d9d9b2fedc38db6025320a0ec26c72f748583efc85727820Zero Day Initiative Advisory 10-131 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of XUL <tree> element's "selection" attribute. There is an integer overflow when calculating the bounds of a new selection range. When calling adjustSelection on this manged range both ranges are deleted leaving a dangling reference. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
010284d7af17bbb1cb31c4f81196ce20998a307bacdd100723e6a9f36e76bf1cZero Day Initiative Advisory 10-130 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the victim must visit a malicious page or open a malicious file. The specific flaw exists within the application's implementation of the NodeIterator interface for traversal of the Document Object Model. Due to the implementation requiring a javascript callback, an attacker can utilize the callback in order to manipulate the contents of the page. By doing so in an unexpected manner, an attacker can cause the process to corrupt memory. Successful exploitation will lead to code execution under the context of the application.
1b40559321186043ad05f4d45e0c16676ef562c2a6e7ae3b2e3e825f4fcb5032Unreal Tournament III suffers from an uninitialized pointer vulnerability.
4f03ee16d11664440497200a3044e2b1c74ba81bb6fd7c59fec78d672f1e22b5ezAPPAREL suffers from backup related, file disclosure and shell upload vulnerabilities.
17f4c00d9115d21a6da254be8fb6fb9a4a2dfaa8f427848166e2afdfb59d8da3ASP Resources Forum suffers from a database disclosure vulnerability.
cfa1555f06212d3054dbc2262cf32775aa9cd2d7c0bf152083f2f3b44e613aafThe Lithtech engine in F.E.A.R and F.E.A.R. 2 Project Origin suffers from a memory corruption vulnerability. Exploit included.
34287796cabe7c93695c0dc48cdfbec8df8c736277f0b7f0ea6e0911536a1625DirectPlay8 suffers from NULL pointer and access violation / freeze vulnerabilities. Exploit included.
1059213ca6067595a354e83762de856ece3e7b9ef12c97d4dfcd58d11a74000fUbuntu Security Notice 963-1 - Robert Swiecki discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.
fc0f18e5fd93c5ab92a7d2edfd7e45781d6ca70eb6dee9fcb787abfdffb4f18eInternet Explorer 7.0 denial of service proof of concept exploit that leverages the Microsoft Clip Organizer Active-X control.
49f9619da3ce2ea53067cd8c7effa6b01672de52c0783bfe87a1b1a15560398eSolaris wbem suffers from an unsafe use of temporary files vulnerability.
e25695c184c89f651bdda342eaad990a889f8c8d85453a12ab23d8db36072c2bSolaris nfslogd suffers from an unsafe use of temporary files vulnerability.
31a014d3634838be4d7686ca8bc19552353af446fcbb382d3cb0180cd390db98Solaris flar suffers from an unsafe use of temporary files vulnerability.
41138e9f4024ae9ce4907ba49bfb51b1831d03d76f597aaae4bc06f17d1bd299Mayasan Portal version 2.0 suffers from a remote SQL injection vulnerability.
780abbcfcdb8dcf89b11d72da444ee275e837692c70fdc2730601184709ee8a4Caner Hikaye Scripti suffers from a remote SQL injection vulnerability.
45446cb600e69d40f15d1b8e4e627926ed5a3d3bd9968d45caf6b00893e2c610EZ-Oscommerce version 3.1 suffers from a shell upload vulnerability.
97bff752283ac167760e89134e3cd8bdf6f71593482b9bc0055191321a1e7dc1This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This Metasploit module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
02b7a4d416053d7ead37976f6d7d16df09d4d947e59b569a8c904c94108c01af
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed