The web-based Local Management Interface (LMI) of the IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to CRLF injection. When exploited by an authenticated attacker, this vulnerability could compromise the security of the appliance, allowing injection of custom HTTP cookies, forcing external redirects, potential HTTP Response Splitting attacks, etc.
The web-based Local Management Interface (LMI) of the IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to an Insecure Direct Object Reference. When exploited by an authenticated attacker, this vulnerability could compromise the security of the appliance, allowing OS command execution, local file inclusion resulting in exposure of appliance configuration files, source code, etc.
Zero Day Initiative Advisory 10-174 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function DtbClsLogin defined in the module dpwindtb.dll on Windows and libdplindtb.so on Linux. This function takes user-supplied input and copies it directly to a stack buffer. By providing a large enough string, this buffer can be overrun, which may result in arbitrary code execution dependent on the underlying operating system.
Zero Day Initiative Advisory 10-176 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the normalizeDocument function defined within nsDocument.cpp. When handling child nodes, the code does not account for a varying number of children during normalization. An attacker can abuse this problem, along with the fact that the code does not validate that the child index is within bounds, to access an invalid object and execute arbitrary code under the context of the browser.
Zero Day Initiative Advisory 10-173 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fix implemented for CVE-2010-2753 in the nsTreeSelection interface. In a certain condition, the application still can be made to free a reference and then made to use said freed reference. This can lead to code execution under the context of the application.
Zero Day Initiative Advisory 10-172 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for XUL <tree> objects. If a specific property of a tree object is set and the parent node attempts to remove the child, the process can be made to access invalid memory. This can be abused by an attacker to execute remote code under the context of the user running the browser.
Adobe LifeCycle ES suffers from a DLL hijacking vulnerability. Version 8.2.1.3144.1.471865 is affected.
Mandriva Linux Security Advisory 2010-180 - lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable setgid file. The updated packages have been patched to correct this issue.
The Joomla Mosets Tree component version 2.1.5 suffers from a shell upload vulnerability.
Month Of Abysssec Undisclosed Bugs - RealPlayer SP 1.1.4 suffers from FLV parsing integer overflows.
Month Of Abysssec Undisclosed Bugs - Luftguitar CMS version 2.0.2 suffers from an arbitrary file upload vulnerability.
The Call For Papers for POC2010 has been released. The 5th POC "POC2010" will be held in Seoul, Korea December 14th through the 15th.
Zero Day Initiative Advisory 10-171 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of a particular element within the XUL namespace. Due to a method for the element having the side effect of executing JavaScript, an attacker can provide their own JavaScript code which can be used to remove an object out from underneath the element's child hierarchy. This can force the application to make an invalid reference when traversing its internal objects, thus using an illegitimate pointer. This can be leveraged by an attacker to execute arbitrary code under the context of the application.
Zero Day Initiative Advisory 10-170 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's support of an element containing the run-in property. When a block box is appended as the sibling of a run-in box, the run-in box will be promoted to the first inline box. This implies that the first inline box will be destroyed. Later when the application attempts to destroy this element, it will access memory that has been freed. If an attacker can substitute an alternate type in the element's place, the attacker will have code execution under the context of the application.
Zero Day Initiative Advisory 10-169 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is required to exploit this vulnerability. The flaw exists within SSHD.NLM. When the application attempts to resolve an absolute path on the server, a 512-byte destination buffer is used without bounds checking. By providing a large enough value, an attacker can cause a buffer to be overflowed. Successful exploitation results in remote code execution under the context of the server.
A flaw has been identified in Wireshark version 1.4.0 concerning the ASN.1/BER dissector that will cause a denial of service (stack overflow and null pointer dereference in exception handling code).
The web-based Local Management Interface (LMI) of the IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to multiple persistent and reflected XSS attacks. When exploited by an external/internal attacker, the identified vulnerabilities could lead to Session Hijack, Information Disclosure, forced installation of a malicious file or Trojan on users' PCs, etc.
The web-based Local Management Interface (LMI) of the IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to XSRF attacks. When exploited by an attacker, the identified vulnerabilities could compromise the security of the appliance, including unauthorized alteration of the appliance's settings, DoS attacks, etc.
Debian Linux Security Advisory 2097-2 - The update in DSA 2097 for phpMyAdmin did not correctly apply the intended changes, thereby not completely addressing the vulnerabilities. The configuration setup script does not properly sanitize its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request. In Debian, the setup tool is protected through Apache HTTP basic authentication by default. Various cross site scripting issues have been discovered that allow a remote attacker to inject arbitrary web script or HTML.
AA SMTP Server version 1.1 crash proof of concept exploit.
Kingsoft Antivirus versions 2010.04.26.648 and below kernel buffer overflow exploit.
UCenter Home version 2.0 suffers from a remote SQL injection vulnerability.
Storyteller CMS suffers from a local file inclusion vulnerability.