
Files Date: 2010-11-11 to 2010-11-12

Metinfo 3.0 Cross Site Scripting / File Disclosure
Posted Nov 11, 2010
Authored by anT!-Tr0J4n

Metinfo version 3.0 suffers from cross site scripting and file disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 7f319f2402a28e5e4096eaa10b19faff0ce156e97e765e047a4884bd747ffe1b
Atarim CMS SQL Injection
Posted Nov 11, 2010
Authored by Cru3l.b0y

Atarim CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 404615916cf6955ea5457e55e3d505e04df0ec50c688cd1444348ab446942a69
XT:Commerce Cross Site Scripting
Posted Nov 11, 2010
Authored by Philipp Niedziela

XT:Commerce versions prior to 3.04 SP2.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | cbb8958ae755239b45a683362f3b5c3c00587f78d4ed6c34364a131c6c388c2c
Apple Directory Services Memory Corruption
Posted Nov 11, 2010
Authored by Rodrigo Rubira Branco

Apple Directory Services suffers from a memory corruption vulnerability.

tags | advisory
systems | apple
advisories | CVE-2010-1840
SHA-256 | 8481c28235d20fa0485ba7450f678bb97a628f8d197b96a6443f807b2cf74e70
MP3-Nator 2.0 Buffer Overflow
Posted Nov 11, 2010
Authored by C4SS!0 G0M3S

MP3-Nator version 2.0 buffer overflow exploit that uses SEH.

tags | exploit, overflow
SHA-256 | c335135c6b41d9b95eeeda603689e81445e46de5a906f21a2827dfa74a0b506b
QuickTime Sorenson Video 3 Array-Indexing
Posted Nov 11, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an array-indexing error when parsing Sorenson Video 3 content and can be exploited to corrupt memory during decompression via a specially crafted file. Successful exploitation may allow execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2010-3793
SHA-256 | e114b679b8b2a77228eda194e3cac070aeb1c50ddabcdbb4ade3ae86857bb33e
Core Security Technologies Advisory 2010.1018
Posted Nov 11, 2010
Authored by Core Security Technologies, Aureliano Calvo | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was discovered in LANDesk Management Suite: the LANDesk web application does not sufficiently verify whether a well-formed request was provided by the user who submitted it. An external remote attacker can use this to run arbitrary code as the 'gsbadmin' user (the user running the web server). For the attack to succeed, the administrator must be logged in to the appliance with the browser that the attacker uses to make the attack (for instance, by exploiting an XSS in a different tab in the browser).

tags | exploit, remote, web, arbitrary
advisories | CVE-2010-2892
SHA-256 | 3dc2b0c9c31c4becfd753be92f87f46eef1496e094193a2f7775f7b49bd1734b
Mandriva Linux Security Advisory 2010-226
Posted Nov 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-226 - ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field. The updated packages have been upgraded to 4.1.2 which is not vulnerable to this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2010-3611
SHA-256 | 4922bf5e49738648e35510aa4a2ea9668d75610f78d049af534d2393734212b8
eBlog 1.7 SQL Injection
Posted Nov 11, 2010
Authored by Salvatore Fresta

eBlog version 1.7 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 1a2cfd3278dbeda4157eb5b3fbc85a0cca754a64c1bc18f52e9b73ac95b5b61f
Ubuntu Security Notice 1016-1
Posted Nov 11, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1016-1 - Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2010-4008
SHA-256 | 42391e777177980eaa8a5166d54d647c74cbbfd5c179c16b35279e026478183f
Ubuntu Security Notice 1015-1
Posted Nov 11, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1015-1 - Christoph Diehl discovered that libvpx did not properly perform bounds checking. If an application using libvpx opened a specially crafted WebM file, an attacker could cause a denial of service or possibly execute code as the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2010-4203
SHA-256 | 3d7f3698fdd765644a29b164662bfb4cf37221e935597d1b1ca3cd7f365c3935
vBulletin Downloads FileInfo SQL Injection
Posted Nov 11, 2010
Authored by jos_ali_joe

vBulletin Downloads FileInfo suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5a1f9cba7d1877678b412adcfd181ae8d615cb3784c52e11c6d21277ca0e477a
Babylon Cross-Application Scripting Code Execution
Posted Nov 11, 2010
Authored by Yair Amit, Roee Hay

The Babylon online dictionary and translation software fails to sanitize user input before rendering it in the Trident control, leading to a cross-application scripting vulnerability. The Trident control runs in the Local Machine Zone (LMZ), which is not locked down, so the vulnerability can allow code execution.

tags | advisory, local, code execution
SHA-256 | 521bd04a9d93d3243cb54ea1da35796ea3e0170a38c45bee3986db191b659c09
Ganesha Digital Library 4.2 SQL Injection
Posted Nov 11, 2010
Authored by Arianom

Ganesha Digital Library version 4.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | be422c82ab9b717f734b92a528468b6a145c36d9d26759a2997218d163e9861e
ACROS Security Problem Report 2010-11-10.2
Posted Nov 11, 2010
Authored by ACROS Security, Simon Raner | Site acrossecurity.com

ACROS Security Problem Report #2010-11-10-02 - A binary planting vulnerability in Microsoft Word 2010 for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.

tags | advisory, remote, local
systems | windows
advisories | CVE-2010-3337
SHA-256 | 39cad8e7dbdb46dd9950300db060a957a65f86625e02967c627e6fd585188855
ACROS Security Problem Report 2010-11-10.3
Posted Nov 11, 2010
Authored by ACROS Security, Simon Raner | Site acrossecurity.com

ACROS Security Problem Report #2010-11-10-03 - A binary planting vulnerability in Microsoft Excel 2010 for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.

tags | advisory, remote, local
systems | windows
advisories | CVE-2010-3337
SHA-256 | 372b067ad956bff5c5fe8c059ec5b674e34786161a23b90e60aea1fcf580aa01
ACROS Security Problem Report 2010-11-10.1
Posted Nov 11, 2010
Authored by ACROS Security, Simon Raner | Site acrossecurity.com

ACROS Security Problem Report #2010-11-10-01 - A binary planting vulnerability in Microsoft PowerPoint 2010 for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.

tags | advisory, remote, local
systems | windows
advisories | CVE-2010-3337
SHA-256 | a329c4134ecfbda8db94bc668a6c672d4361d55bd4c8152e98d15e161f6e7be7
Mandriva Linux Security Advisory 2010-225
Posted Nov 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-225 - A vulnerability was discovered and corrected in libmbfl (php). The updated packages have been patched to correct these issues. The MDVSA-2010:225 advisory used the wrong patch to address the problem, however it did fix the issue. This advisory provides the correct upstream patch.

tags | advisory, php
systems | linux, mandriva
advisories | CVE-2010-4156
SHA-256 | 2203cef88168e2a77c3c7b7ba0c8963ffdbbd9e4cd234e5ebd370f2a7b74d1ad
GNU SIP Witch Telephony Server 0.9.2
Posted Nov 11, 2010
Authored by David Sugar | Site gnutelephony.org

GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.

Changes: Fixes were made for issues related to TLS SIP support, publishing of contact information in registration replies, and clean shutdown on server failure.
tags | telephony
SHA-256 | f00861ee6f7e585ce9d2ae6ddb5901a650f59a99fd2152c83e5a17a2c9369cf7
Qtweb Browser 3.5 Buffer Overflow
Posted Nov 11, 2010
Authored by PoisonCode

Qtweb Browser version 3.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 0d8a567b27cb86e07b0971e9019ea85575a9f07cd1427dcee9e58f28278ba618
Ricoh Aficio Web Image Monitor 2.03 Cross Site Scripting
Posted Nov 11, 2010
Authored by The Light Cosine

Ricoh Aficio Web Image Monitor version 2.03 suffers from cross site scripting and redirection vulnerabilities.

tags | exploit, web, vulnerability, xss
SHA-256 | 9cb8a3f297c5e5664ca6551ba861cee32ff3b727dc04c87fa31e1cc0c6f6332f
FCKeditor 2.4.3 Arbitrary File Upload
Posted Nov 11, 2010
Authored by grabz

FCKeditor versions 2.4.3 and below suffer from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | 920c992916ff6edc7e82d97321249e6a3fbb8bce83280449881f67dcc1433d8b
Free CD To MP3 Converter 3.1 Buffer Overflow
Posted Nov 11, 2010
Authored by C4SS!0 G0M3S

Free CD to MP3 Converter version 3.1 buffer overflow exploit leveraging SEH.

tags | exploit, overflow
SHA-256 | e6e553c4fd82afaa40ad6292f49dd709214d217833d58db95041e429d9616f49
Free CD To MP3 Converter 3.1 Buffer Overflow
Posted Nov 11, 2010
Authored by C4SS!0 G0M3S

Free CD to MP3 Converter version 3.1 buffer overflow exploit.

tags | exploit, overflow
SHA-256 | ca000b5840fc351b5afa8e17bfb99c1a3a34496fad529ed37eb2374ad5901ca3
© 2022 Packet Storm. All rights reserved.
