Showing 1 - 7 of 7

Files Date: 2010-12-07 to 2010-12-08

Winamp 5.6 Arbitrary Code Execution In MIDI Parser: Posted Dec 7, 2010; Authored by Morten Shearman Kirkegaard, Peter Wilhelmsen | Site kryptoslogic.com; Winamp versions 5.6 and 5.5.81 suffer from an arbitrary code execution vulnerability in their MIDI parser.; tags | exploit, arbitrary, code execution; SHA-256 | 6f22772bf5ad2a66e10ae1f6c6493f376514c549ca7824e2f1f3c68d4d85234c; Download | Favorite | View

OpenSSL Toolkit 1.0.0c: Posted Dec 7, 2010; Site openssl.org; OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.; Changes: An error was fixed in the experimental J-PAKE implementation, which could lead to successful validation by someone with no knowledge of the shared secret. This issue was reported as CVE-2010-4252. An old bug in a workaround that allowed malicious clients to modify the stored session cache ciphersuite was fixed. This issue was reported as CVE-2010-4180.; tags | encryption, protocol; systems | unix; advisories | CVE-2010-4252, CVE-2010-4180; SHA-256 | f731b36de3edaa361179ae6f449668b248a360e34e31e92902d976e9b9d604eb; Download | Favorite | View

Zimplit CMS Cross Site Scripting: Posted Dec 7, 2010; Authored by High-Tech Bridge SA | Site htbridge.com; Zimplit CMS suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 9ce094c4864bc40ec44d36c8b3e42a3784ae772cb66b2122cfa652243cccb3d0; Download | Favorite | View

iDEFENSE Security Advisory 2010-12-07.1: Posted Dec 7, 2010; Authored by iDefense Labs, Hossein Lotfi | Site idefense.com; iDefense Security Advisory 12.07.10 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. The vulnerability specifically exists in the way specially crafted PICT image files are handled by the QuickTime PictureViewer. When processing specially crafted PICT image files, Quicktime PictureViewer uses a set value from the file to control the length of a byte swap operation. The byte swap operation is used to convert big endian data to little endian data. QuickTime fails to validate the length value properly before using it. When a length value is larger than the actual buffer size supplied, it will corrupt heap memory beyond the allocated buffer, which could lead to an exploitable condition. QuickTime Player versions prior to 7.6.9 are vulnerable.; tags | advisory, remote, arbitrary; systems | apple; advisories | CVE-2010-3800; SHA-256 | 4bb677daf3bb8a3483d603a95401b8fbc17090e4dfc5ab0ec2cab5cd33f94563; Download | Favorite | View

Exponent CMS 2.0.0pr2 Local File Inclusion: Posted Dec 7, 2010; Authored by High-Tech Bridge SA | Site htbridge.com; Exponent CMS version 2.0.0pr2 suffers from multiple local file inclusion vulnerabilities.; tags | exploit, local, vulnerability, file inclusion; SHA-256 | e4b86c9e014bf9d8410bf321399f060dc2303ac45e612c2f5c1c0585f850c610; Download | Favorite | View

GNU inetutils 1.8-1 FTP Client Heap Overflow: Posted Dec 7, 2010; Authored by Rew; GNU inetutils version 18-1 suffers from a ftp client heap overflow vulnerability.; tags | exploit, overflow; SHA-256 | 282da6696173d8cd3739def58f4cfdc260a9fe4ac9634077887519e75c3b4e34; Download | Favorite | View

WWWThreads Cross Site Scripting: Posted Dec 7, 2010; Authored by Aliaksandr Hartsuyeu | Site evuln.com; WWWThreads suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 6a8ae2d29c8ce79bc422b7fb20d1a055d6c11964402190df41aaa801b933263b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days