Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to a CRLF Injection vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing injection of custom HTTP cookies, forcing external redirects, potential HTTP Response Splitting attacks, etc.
e89f3a47c9d247e4c7ef74ea39c92a4c23d3b46381a0211b7b0b6dd059c87d44Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6) is vulnerable to an Insecure Direct Object Reference vulnerability. When exploited by an authenticated attacker, such vulnerability could lead to compromising the security of the appliance, allowing OS command execution, local file inclusion resulting in exposure of appliance configuration files, source code, etc.
4faf8158f2565688d604706ac1cf4006697d9a3c4dc9926cebbe5d8ab0579adeZero Day Initiative Advisory 10-174 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function DtbClsLogin defined in the module dpwindtb.dll on Windows and libdplindtb.so on Linux. This function takes user supplied input and copies it directly to a stack buffer. By providing a large enough string this buffer can be overrun and may result in arbitrary code execution dependent on the underlying operating system.
19fb296d9f51cd1e48d962656c1a767f6ea7e19506c8ecb27c35bca04addd1c9Zero Day Initiative Advisory 10-176 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the normalizeDocument function defined within nsDocument.cpp. When handling children nodes the code does not account for a varying number of children during normalization. An attacker can abuse this problem along with the fact that the code does not validate the child index is within bounds to access an invalid object and execute arbitrary code under the context of the browser.
e739eac518ec6b4c3812340079752ef5a4ca37991dd6522eef2b4fb64f4f62a2Zero Day Initiative Advisory 10-173 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fix implemented for CVE-2010-2753 in the nsTreeSelection interface. In a certain condition, the application still can be made to free a reference and then made to use said freed reference. This can lead to code execution under the context of the application.
7130f28c7ac41656194496c80833d484a172017a28c873bd514fabfbece11453Zero Day Initiative Advisory 10-172 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for XUL <tree> objects. If a specific property of a tree object is set and the parent node attempts to remove the child, the process can be made to access invalid memory. This can be abused by an attacker to execute remote code under the context of the user running the browser.
5bbe3d7b5ae5df7f3d75f08ac91ce344851241897651332f391a6f3e4a9d99d4Adobe LifeCycle ES suffers from a DLL hijacking vulnerability. Version 8.2.1.3144.1.471865 is affected.
914e1a72e1c256b433639de5c3f194323f110b316851fca137768699e16c0a9bMandriva Linux Security Advisory 2010-180 - lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable setgid file. The updated packages have been patched to correct this issue.
3ea35b697264e2934832f4e356c4542b2ed7f7794a7923baba03fd859a6fe8afThe Joomla Mosets Tree component version 2.1.5 suffers from a shell upload vulnerability.
b4f9b0da401d6d4a284a63fd6113e51059b65d8468309fb75ff018ce670a113bMonth Of Abysssec Undisclosed Bugs - RealPlayer SP 1.1.4 suffers from FLV parsing integer overflows.
747b936999a4d58e27ed7fcdf8fb0843bdbcec11979559b3aafac9a548cf02e0Month Of Abysssec Undisclosed Bugs - RealPlayer SP 1.1.4 suffers from FLV parsing integer overflows.
ae78ed05a168a176106a4c2ee0118e75d1888d2252d277e478aad464a7537ceeMonth Of Abysssec Undisclosed Bugs - Luftguitar CMS version 2.0.2 suffers from an arbitrary file upload vulnerability.
cba980c90778fffb6896885f55e51a18c5337182bdca0bb4185515c8c8b6b92eMonth Of Abysssec Undisclosed Bugs - Luftguitar CMS version 2.0.2 suffers from an arbitrary file upload vulnerability.
91084624bd117ea2db6a9a3c9bd1919ef4d009d544b905e9dc2f9bc59b62f7f8The Call For Papers for POC2010 has been released. The 5th POC "POC2010" will be held in Seoul, Korea December 14th through the 15th.
5e1155c7e305c87738b53142f75e2f54eac9f180631a20d4972345918f7efd6eZero Day Initiative Advisory 10-171 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of a particular element within the XUL namespace. Due to a method for the element having the side effect of executing javascript, an attacker can provide their own javascript code which can be used to remove an object out from underneath the element's child hierarchy. This can force the application to make an invalid reference when traversing it's internal objects, thus using an illegitimate pointer. This can be leveraged by an attacker to execute arbitrary code under the context of the application.
ff8ed79c701144a5d5bab06486fd8c341cec8d2693e081cae42d9badecfd9ef3Zero Day Initiative Advisory 10-170 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's support of an element containing the run-in property. When a block box is appended as the sibling of a run-in box, the run-in box will be promoted to the first inline box. This implies that the first inline box will be destroyed. Later when the application attempts to destroy this element, it will access memory that has been freed. If an attacker can substitute an alternate type in the element's place, the attacker will have code execution under the context of the application.
dda7314883b7d21a5b3b625a4ba9e3c08e3f7a88f8d7faed3d237fb9e0c34433Zero Day Initiative Advisory 10-169 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is required to exploit this vulnerability. The flaw exists within SSHD.NLM. When the application attempts to resolve an absolute path on the server, a 512 byte destination buffer is used without bounds checking. By providing a large enough value, an attacker can cause a buffer to be overflowed. Successful exploitation results in remote code execution under the context of the server.
5e9fe45a51d269123b152c75c973e90ff2fb2c38ddf73ee6230a60619d7ea004A flaw has been identified in Wireshark version 1.4.0 concerning the ASN.1/BER dissector that will cause a denial of service (stack overflow and null pointer dereference in exception handling code).
7295bae78226860d8de352797f52f0b25ded97e8cde584a327b0ce3175a7cba3Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to multiple persistent and reflected XSS attacks. When exploited by an external/internal attacker, such identified vulnerabilities could lead to Session Hijack, Information Disclosure, force installation of malicious file or Trojan on users' PCs, etc.
7d77648766361a40b7d96f7ef892d0dab12d44b36490044262f591af031bf755Web-based Local Management Interface (LMI) of IBM Proventia Network Mail Security System appliance (firmware 1.6 and 2.5) is vulnerable to XSRF attacks. When exploited by an attacker, the identified vulnerabilities could lead to compromising the security of the appliance, including unauthorized alteration of appliance's settings, DoS attacks, etc.
e79b5a9fb4e89af714cf275dfcd4e03761b0ba0e0db20144b1e00d48f36b7d68Debian Linux Security Advisory 2097-2 - The update in DSA 2097 for phpMyAdmin did not correctly apply the intended changes, thereby not completely addressing the vulnerabilities. The configuration setup script does not properly sanitize its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request. In Debian, the setup tool is protected through Apache HTTP basic authentication by default. Various cross site scripting issues have been discovered that allow a remote attacker to inject arbitrary web script or HTML.
c21f472813e5c7c0a304c173d6cf63b3c3701881ecb40c9dd4192c61fc607c73AA SMTP Server version 1.1 crash proof of concept exploit.
6bc09fba4c8c1d4d8967504564605076b2b9c1682e1ba2dcbc7a9a3d64c0e8c3Kingsoft Antivirus versions 2010.04.26.648 and below kernel buffer overflow exploit.
7aab7a8bdc516aaeb8bc67cb6df279cf72e0858e6fc25db1b23fd5d9d1673752UCenter Home version 2.0 suffers from a remote SQL injection vulnerability.
db9f9a97782e50c2c2438cd231df3d378b7bcbd02c5a93d427a3bc99dc05d9f5Storyteller CMS suffers from a local file inclusion vulnerability.
efc0730703f8e4ec8e04d3b0c9f2f5b0352a5f7817faf1f7141447cb89b23bc6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed